The Deniability Mechanism in the Cyber Age – Its Effect on States' Behavior in the International System

Gil Baram

Researcher

One of the unique characteristics of cyber attacks is that it is almost impossible to identify the source of the attack and who was behind it: The Attribution Problem. On the other hand, there have been cases when the attacking state was identified and the attack was attributed to it but it denied its involvement and rejected these accusations. This deniability mechanism is the core of this proposed research.

International Relations has not yet examined the deniability mechanism in this respect. The general literature about deniability was focused on the legal aspects and on questions of responsibility and accountability and was largely drawn from the field of intelligence studies. Most of that research focused on the options for leaders, mostly in democratic states, to deny their knowledge about certain covert operations carried out in foreign lands during their tenure. The study will examine the importance of the deniability mechanism in several respects: What is the deniability mechanism; What is its significance in conventional military operations and what are the differences in a cyber attack; What are the factors that lead states to deny some offensive cyber operations but not others; How does the use of the deniability mechanism affects the degree of aggression of states in the international arena.

The underlying assumption of the study is that offensive cyber capabilities allow states greater freedom than before and make it easier for them to use their power in the international arena. The origin of this freedom lies primarily in the possibility of conducting offensive cyber attacks while successfully denying responsibility.

Why would a state choose to use the strategy of denial? Two possible explanations for this question are offered in this study: first, the state denies the attack to avoid a reaction by the international community. This explanation is based on the foundations of the realist paradigm in international relations that emphasizes the importance of power in the anarchic international system. The second explanation is based on the Audience Costs theory, calming a state will choose to deny the attack in order to make the victim less motivated to respond, reducing domestic pressures on him to retaliate forcefully, and providing the victim more leeway to choose its response, thus also possibly preventing a dangerous escalation.

The study will use the database of Valeriano & Maness (2014) showing cyber attacks between rivals in the years 2001-2011. New relevant data from the years 2012-2015 will be added to this dataset. The study will combine several techniques and methodologies - quantitative and qualitative. First, the deniability mechanism will be evaluated in the cyber context and in the conventional context; Second, a statistical analysis will be made of the factors that may motivate a state to deny its offensive cyber activity to create an applicable model that will allow an evaluation of the reasons states chose to deny their actions and how the attacked state should react. Following this, different types of qualitative tests using the Process Tracing technique will be employed to strengthen the reliability of the results obtained in the previous section, with the aim to present insights and conclusions that could be implemented by decision-makers.

The ultimate purpose of this kind of research is to create a theoretical framework that will allow for a better understanding of how the use of offensive cyber warfare technology affects the relations between states and the lack of visible long-term conventional war.

Tel Aviv University, P.O. Box 39040, Tel Aviv 6997801, Israel
UI/UX Basch_Interactive